The guide explains how to install Fedora 36’s built‑in Cockpit package with a simple dnf install cockpit command and then activate its systemd socket using systemctl enable --now cockpit.socket, which makes the web console start on demand. It shows how to open port 9090 through firewalld by adding the “cockpit” service permanently and reloading the firewall, ensuring remote browsers can reach the interface. A quick verification step with systemctl status cockpit.socket confirms that the socket is active and listening on all interfaces. Finally, you access Cockpit at https://<your‑fedora‑ip>:9090, accepting the self‑signed certificate and logging in with your existing PAM credentials.

Install Cockpit on Fedora Linux 36 for Remote Admin

If you’re running Fedora 36 and want a quick web console to keep an eye on services, users, and storage, this guide shows exactly how to get Cockpit up and running from the terminal. You’ll also learn why enabling its socket matters and how to verify everything is actually listening.

Add the Cockpit package

Fedora ships Cockpit in its default repositories, so you don’t need any extra repos or third‑party sources.

sudo dnf install cockpit

dnf pulls the latest stable build for Fedora 36. If you’ve ever tried to manage a headless box with only ssh, you’ll know how painful it is to remember every systemctl flag—Cockpit replaces that guesswork with a clean UI.

Enable and start the socket

Cockpit runs as a systemd socket‑activated service. Enabling the socket tells systemd to launch Cockpit on demand, which saves resources when you’re not using the web console.

sudo systemctl enable --now cockpit.socket

enable makes the socket start automatically at boot, while --now starts it immediately without a reboot. Skipping this step is a common mistake; the package installs fine but the web UI stays unreachable because the socket never listens on port 9090.

Open the firewall

Fedora’s default firewalld blocks incoming traffic to most ports. Allowing Cockpit’s port lets you reach the console from another machine or your laptop.

sudo firewall-cmd --add-service=cockpit --permanent
sudo firewall-cmd --reload

The --permanent flag writes the rule to the config file, and --reload applies it right away. I once left this out on a fresh install; the browser kept timing out even though the service was running.

Verify the service

A quick check confirms everything is listening where it should be:

sudo systemctl status cockpit.socket

You should see “active (running)” and a line showing Listening on 0.0.0.0:9090. If you get anything else, double‑check that the firewall rule was applied and that you didn’t accidentally disable the socket with another command.

Connect with your browser

Point any modern browser to:

https://<your-fedora-ip>:9090

Accept the self‑signed certificate if prompted (or replace it with a proper one later). Log in with the same credentials you use for SSH; Cockpit respects PAM, so no extra accounts are required.

That’s all there is to it. You now have a lightweight, web‑based admin panel that works out of the box on Fedora 36.